Web-connected cars bring privacy concerns

This is an archived article that was published on sltrib.com in 2013, and information in the article may be outdated. It is provided only for personal research purposes and may not be reprinted.

BARCELONA, Spain • Cars will soon be so linked into wireless networks they will be like giant rolling smartphones  with calling systems, streaming video, cameras and applications capable of harnessing the unprecedented trove of data vehicles will produce about themselves and the humans who drive them.

The battle over who can access all this data is an awkward undercurrent amid recent announcements by car manufacturers touting their new, Internet-capable vehicle systems.

Low on gas? Soon a gas station app may know before you do. Tires need rotating? Your car may wirelessly alert your dealership when it's time. Ready for a lunch break? Your car can make a reasonable guess based on the hour. A savvy restaurant app may soon use additional detail, such as whether the person in the back seat is watching a Disney movie, in deciding to offer an advertisement featuring a Happy Meal and directions to the nearest McDonalds.

Cars have long gathered data to monitor safety and performance. But their newfound connectivity may allow a range of parties  automakers, software developers, perhaps even police officers  new access to such information, privacy advocates say. Because few U.S. laws govern these issues, consumers have little control over who can see this data and how it can be used.

More than 60 percent of vehicles worldwide will be connected directly to the Internet by 2017, up from 11 percent last year, predicts ABI Research. In North America and Europe, that percentage is likely to reach 80 percent.

ARTICLE PHOTO GALLERY

Many cars already record their speed, direction and gear setting, as well as when brakes activate and for how long. Newer systems also can track whether road surfaces are slick or whether the driver is wearing a seat belt - information potentially valuable to police and insurance companies investigating crashes. (Some car insurance companies already monitor driving behavior in exchange for discounted rates.)

"The cars produce literally hundreds of megabytes of data each second," said John Ellis, a Ford technologist who demonstrated some of the new Internet-based systems at the company's display at the Mobile World Congress, which ended last week in Barcelona. "The technology is advancing so much faster than legislation or business models are keeping up. . . . What can government do? What can you do?"

Such issues go beyond vehicles. Many of the nearly 1,500 exhibits at the Mobile World Congress touted technology fueled by personal information. Thermostats, health sensors, even Dumpsters, can function better, according to companies exhibiting their products here, if individual behavior is tracked.

In the United States, proposed new federal highway safety rules would require all new cars by 2014 to come equipped with so-called "black boxes" to save vehicle information from the final seconds before and after crashes. The plan has prompted several privacy groups to lobby for an explicit declaration that data produced by a vehicle is owned by the motorist, with authorities having access only under certain conditions.

Yet some vehicle computer systems already on the road offer the potential for monitoring driver behavior to a far greater extent than "black boxes" do. A critical review of an electric car in The New York Times last month that said the vehicle lost power in cold weather drew an exceptionally detailed rebuttal from the manufacturer, Tesla, that cited logs kept by an onboard computer. (The Times has stood by its review.)

There are few legal standards for what information a vehicle can collect, how it can be used and by whom. Each manufacturer produces its own onboard Internet systems, each with specific rules that few consumers review and even fewer understand, said privacy experts.

"People are being duped into giving away a whole lot of information that maybe somebody ought to ask us about first," said Dorothy Glancy, a Santa Clara (Calif.) University law professor who studies privacy and transportation. "It seems to me you ought to get a choice."

The Internet system used by Ford, which last week announced greater integration with the popular music app Spotify, relies on a user's smartphone to connect with wireless services.

The integration between car and smartphone means that some vehicle data can be made available to developers through an open Internet platform, allowing for a new generation of apps that draw on the information, said Ellis, the Ford technologist who heads its developer program.

The privacy policies of app makers would govern how an individual's personal information can be used, Ellis said. "We assume that you're comfortable with whatever privacy policy that app has."

Also in Barcelona, General Motors announced plans to install high-speed wireless connections on all of its vehicles beginning with the 2015 model year, in partnership with AT&T. The new system will augment OnStar, which long has provided some GM customers with directions, emergency assistance and help recovering stolen cars.

One of the prototype vehicles on display here, a dark blue Cadillac ATS sedan, was outfitted with OnStar, streaming video, music apps and cameras installed aimed at both the interior and exterior of the car. In demonstrations, one of the car's interior cameras took short video clips of occupants that were incorporated in animated sequences broadcast on the dashboard video screen.

Stefan Cross, an executive with public relations firm Weber Shandwick, which was assisting in GM's announcement of the new technology, said one possible feature would alert owners by text messages if their cars are bumped or hit. Owners might then be able to activate the exterior cameras remotely for immediate visual reconnaissance in the aftermath of an incident.

"It allows somebody to stay connected to your car even if you're not in it," he said.

Cross said GM would protect the privacy of its customers, even as the volume of data increases. "We have that data. We're just not prepared to release it to third parties."

Yet experts say that in the absence of strong national privacy laws, valuable data often leaks out. Any information produced by a vehicle and transmitted over the Internet ends up on servers, making it a potential target for authorities, lawyers engaged in court cases or even hackers. Companies also can voluntarily make some data available to app developers in pursuit of better products for customers.

The Federal Trade Commission has repeatedly taken action in recent years against technology companies, including cellphone maker HTC last month, for failing to adequately protect personal data collected from customers.

The prospect of the government itself gaining access to rich new streams of personal information worries some privacy experts as well. Vehicle data could be used to generate tickets or prosecute drivers after accidents.

"As soon as that data starts flowing to outside parties, whether app developers or [wireless] carriers, I start getting nervous," said Jay Stanley, a senior policy analyst for the American Civil Liberties Union. "It raises the prospect that control over individuals by police, by insurance companies, by whoever, might become much more finely grained than we have now."

Share This Article

USER COMMENTS

Reader comments on sltrib.com are the opinions of the writer, not The Salt Lake Tribune. We will delete comments containing obscenities, personal attacks and inappropriate or offensive remarks. Flagrant or repeat violators will be banned. If you see an objectionable comment, please alert us by clicking the arrow on the upper right side of the comment and selecting "Flag comment as inappropriate". If you've recently registered with Disqus or aren't seeing your comments immediately, you may need to verify your email address. To do so, visit disqus.com/account. See more about comments here.